Let me get this straight. Your school thinks it can make itself a website with a static model?

How will a static HTML page access a database?

I could record myself laughing and send it to them as an mp3, but they probably would be too scared to open it.

Yes, sadly, they do.

Let me put it this way: my school's website sucks. Then have no interactivity whatsoever. The only way to contact them is a mail-to link. We had javascript slide-out menus but one of the teachers opened the homepage in Microsoft Word and now everything is broken.

Help... :\

Is this a highschool or a university?

*cough* Highschool

Then they are probably not in a good position to handle the security concerns associated with maintaing a full-bodied web server. Perhaps you could convince them to cough up $100/yr for a commercial web server hosting account. That's much less than they would spend on someone to constantly worry about the servers being compromised. Then the hosting company would worry about security. Of course you wouldn't want confidential info on the server without proper security measures in place.

If you plan to make a career of this, I would say, start as you mean to go on. Tell them they need php and if they refuse then quit.

There is no point bandying words with people who don't understand the problems. If they are not prepared to listen to you then the reward/effort ratio will probably rubbish.

Having said that, if their requirements can be fulfilled without php, then they are not being unreasonable. For instance, if the site is little more than an advert with a few pages of news and achievements, then there's no problem to working with static html.

Kaled.

I think pixeltierra has a good point. I work at a university that runs its own servers, but they have an entire IT department to worry about security and fix things that break. If your school is so security conscious, you very well might be able to convince them of the benefits of professional hosting. Then you could even use a CMS so teachers could add things without breaking the home page. ;)

Ok devil's advocate. :-)

Whenever you are forced into a ruleset that is ouside what you prefer, the first inclination is to resist. Instead, you should see it as an opportunity to work within bounds you're not accustomed to. Although you see PHP as the **only** solution, it isn't.

Post # 2 mentions a database - I don't see from your post where they're asking you to connect to a database. If they are, this is very different. If that's the case, find out how they're asking to do so. Hee's where you bring in the virtues of PHP's security over ASP or other languages, but you have to do your homework. If they're not asking for DB connectivity, deal's off.

If you know PHP, you probably have a whole set of other tools under your belt to work fine within html. Instead of spending energy trying to resist, give your best static content site and call it an achievement. Someone will rip it up next year anyway. :-)

You'll find your hand will be forced many times in this industry, what you have to learn is how to use the rules set upon you to your advantage.

First of all, where is the server? Is it located physically at the high school, on the high school's local area network? If so, do they have seperate student, academic, and administrative networks?

If this is sitting on any of the above (except, perhaps, a student network...)

BZZZZZZZZTTTT!

The've already created a tremendous security problem! Host the website off-campus, at a commercial webhosting company.

Expense should not be an issue. A hosting account is cheap enough that the PTA or some other support group will readily pick it up if they can't find it in the school's budget. Heck, you could probably pay it yourself from your salary. (Not that you should have to.)

Problem solved - the account will already come with PHP in 99% of cases - now you just have to convince them to let you USE it.

I disagree with the answers that say "make it a challenge to yourself to create a static site." A useful exercise, perhaps, but only if there are good reasons for doing so. In this case, I don't see that there is a good reason for doing so.

I also disagree that your "hand will often be forced" in this industry. Only if you roll over and never question or challenge. Employees who are willing to do this are not, frankly, valuable employees. Question and challenge. You will either convert management to your viewpoint, or you will come to understand theirs. Or you will quit or be fired. :) In any case, you will be happier and learn valuable lessons.

I would talk about the current "standard of practice", etc. Explain that other than simple brochure websites, websites just aren't built this way any more. Explain that there will be NO possibility of any interactive content. Explain that there will be almost NO possibility of distributing updating tasks to non-HTML-savvy individuals.

Dunno what PHP tools you had in mind. But I would say right off that any high school's web site is a slam-dunk candidate for one of the currenly-popular CMSs. This will allow content creators to interact directly with the website, once things are set-up for them. It would be crazy to have people have to submit content to somebody (or a team of monkeys) who then have to turn it into HTML.

Be aware of --and prepared to account for-- the fact that is *is* possible to make an interactive site without PHP or ASP. It is not as easy, and it can no longer be considered efficient, but it can be done with server-side includes (SSI) and scripting languages such as PERL -- I believe you're reading an example right here.

However, even given that fact, it's still most efficient to do it with PHP today when taking into account the wide capabilities, interoperability, popularity, and maintainability (beyond your tenure) of PHP.

Jim

Problem is, it's most likely that somewhere someone has read (in some 1995 document no doubt) that SSIs are a security risk and it too will likely be disabled.

I also disagree that your "hand will often be forced" in this industry. Only if you roll over and never question or challenge.

Have you ever tried to work with an educational institution, government agency, or other "committee?" The amount of paperwork involved in moving a stone across a desk is gigantic and requires dozens of signatures and approvals, with bureaucratic hangups all along the way. No matter how well you voice your argument, "question or challenge" will eventually equal "difficult to work with and unemployed." :-)

He/She who has the gold makes the rules. And from an educational institution standpoint, "committee" is so busy squeezing profits out of budgets they will not be interested in tossing a dime for a high school hosting. It's just not important enough.

You can build a great high school site in static HTML. Give it a go.

I think rocknbil actually hit on something... rather than trying to sell them PHP , sell them the virtues of database and database connectivity and the real benefits they can acheive for the students from this...

Start with the real basic but important enhancements that can happen immediately.. then suggest the possibilities for growth in the future and what it can develope in to, pointing out what they have is stuck...

Point out the need for forward thinking and that a database is a future proof solution...

Once you have sold them on that you can work on how best to go about it...

[edited by: Lobo at 11:17 pm (utc) on Oct. 26, 2006]

I have run into that attitude before, a while back when a local school wanted help cleaning up their site that some students had made rather a mess of.

I turned it down after talking to them - and I also got a severe shock about how totally out of touch some of the teachers and school board members were with the current state of the web, computers, and technology in general.

At first I was going to just do it as a freebie, but after that I would not even do it for money.

One guy tried to impress me with the fact that he "used to program networks for IBM in Cobol"... hmm.. ok... Another wanted to make sure that the server was in the Principles office to "avoid hacking".

It is no wonder our kids are coming out of school unprepared. I hope they are not all that bad.

Another wanted to make sure that the server was in the Principles office to "avoid hacking".

What a silly idea. They could always hack into it after the principal goes home.

: )

Or obviously if the principle wasn't looking ;)

since when does one have to be able to physically touch a box to hack it?

yes it's easier to insert a key into a usb slot with an autorun delivery for something ..

but the server config and it's level of lockdown in response to emails , queries , requests and any kind of contact via any kind of code at all etc is far more important ..and even unplugging it from the wall and the phone jacks will only stop the ones who just want to adjust it non destructively ..

rent some space in a in a reputable hosting companies machine ..read up on all the vulnerabilities that are commonplace ..and switch off the "bells and whistles that let them happen "..install your PHP if you wish ( all though as rocknbill says you could make a pretty servicable site with static )..cross your fingers that the other user accounts on the machine are behaving themselves ..

and you'll be safer than a vets administration mailing list in a DC laptop ;-)

Looks like Leosghost had the irony by-pass .. must be american ;-)